Firefox 67.0 was released today. From the Mozilla
blog: “Today’s new
Firefox release continues to bring fast and private together right at the
crossroads of performance and security. It includes improvements that
continue to keep Firefox fast while giving you more control and assurance
through new features that your personal information is safe while you’re
online with us.”
You can download it
from
here, and see the release
notes for details.

ownCloud
announces its new server version 10.2, which introduces advanced sharing permissions,
a secure view feature and automatic synchronization between federated clouds.
From the press release: “the new server version of ownCloud focuses on more
freedom and security in file distribution. The “Advanced Sharing Permissions”
feature in particular provides developers with far-reaching options for
implementing individual release functions at user and group level as well as
providing data with special security settings.”

Ubuntu has expanded its Kernel Uploader Team. Phoronix
reports that it’s “a sign of the times with the Linux kernel being
affected by an increasing number of CVEs (and particularly high profile ones
at that), there are now more Ubuntu developers with upload rights for sending
down new kernel upgrades.” New to the Kernel Uploaders Team are Tyler Hicks,
Juerg Haefliger and Khalid Elmously.

Kenna
Security reports that “nearly 20% of the 1000 most popular Docker containers
have no root password”. Researcher Jerry Gamblin built
a script to find null root Docker containers,available
on GitHub that found some well known names: “govuk/governmentpaas,
hashicorp, microsoft, monsanto, and mesosphere. kylemanna/openvpn is the most
popular container on the list and it has over 10,000,000 pulls.” He also
notes that “The findings are interesting, but I don’t want to be overly
alarmist. Just because a container has no root password does not mean that it
is automatically vulnerable. These findings could lead to configuration-based
vulnerabilities in certain situations, as was the case with this the Alpine
Linux vulnerability.”